On Tuesday 25 January 2005 01:01, you wrote: [snip] : > This is exactly the point: if the kernel wants to be safe, the : > authentication procedure should be totally implemented in the kernel : > and be protected against further changes via "alternative" ways... : > but it isn't now and probably won't be although it could be. : : It provides the DVD_AUTH ioctls to handle this. Why are you banging raw : commands at hardware when there is an abstraction for it ? Hello.
This is the way VMware and probably other comparable emulators access the devices. Yes, sometimes you have to risk broken software in favor of augmented security, but so far we only have broken software. : Someone did actually have a demo of a small fs that allowed you to : fiddle with the status but possibly the code could get smarter for : "exclusive user of media". I'm not sure if that is worth it. Do you have the name of the fs and/or the name of author? Do we have a clear understanding that this fs would only be a benefit if *All* the different ways to access the device would use the same policy enforcement and consistently allow or disallow certain operations regardless of the access method? Regards, Elias - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/